<?php
//Output
$output = "";
if($_SESSION['user_role'] == 1||$_SESSION['user_role'] == 2||$_SESSION['user_role'] == 3){
	if(!empty($_GET['offer'])&&empty($_POST['buy_offer'])){
		$offers = getOffer($_GET['offer']);
		$offer = mysql_fetch_array($offers);
		// Title
		$output .= "<h1>Buy this offer</h1><br>";
		$output .= "<form action='#' method='post'>";
		$output .= "<table width=80%>";
		$output .= "<tr>";
		$output .= "<th>Price</th>";
		$output .= "<th></th>";
		$output .= "</tr>";
		$output .= "<tr>";
		$output .= '<td><b>'.number_format($offer['price'],2).' CHF</b></td>';
		$output .= "<td><input type=submit name='buy_offer' value='Buy Movie! (cant undo)' /></td>";
		$output .= "</tr>";
		$output .= "<input type=hidden name='offer_id' value='".$_GET['offer']."' />";
		$output .= "</table></form>";
	}
	
	if(isset($_POST['buy_offer'])){
		if(buyMovie($_POST['offer_id'],$_SESSION['user_id']))
		$output .= "<font color=green>You buyed this movie, you'll receive a message with paying informations</font><br><br>";
		else
		$output .= "<font color=red>Cant buy this movie because of you</font><br><br>";
	}
	
}else{
	$output.= "must be logged in";
}
echo $output;
?>